To turn FileVault on, follow the instructions below for the type of account you’re using.

For mobile accounts

If your user account is a mobile account, you’ll see the following error message when trying to enable FileVault:

Authentication server refused operation because the current credentials are not authorized for the requested operation.

To turn FileVault on for mobile accounts:

Log in as another admin account.

Turn on FileVault. Click the Enable User button next to your mobile account and enter the mobile account’s password.

For non-mobile accounts

If your user account is not a mobile account, and has either been created or had its password set by a command line process running as root, you may see the following error message when trying to enable FileVault:

Authentication server failed to complete the requested operation.

To turn FileVault on for non-mobile accounts:

Log in as another admin account.

Reset the password for your account using the instructions under "Reset the password for another user."

With non-mobile accounts, avoid resetting user passwords or creating new users using a command line process running as root. Here are some examples of commands you should avoid:

sudo passwd jappleseed

sudo dscl . -passwd /Users/jappleseed

sudo sysadminctl -addUser jappleseed -password temppass

To reset passwords or create new users, authenticate as an admin user. You can do this in System Preferences, or with commands like these: